stapel_eliz Posted October 28, 2021 Report Share Posted October 28, 2021 1) I (finally) got around to updating Revive from 2016's 5.0.4 to 2021's 5.3.0. I did the update through cPanel's Softaculous package. It did the update successfully, but didn't seem to *know* that it had done the update, as it reported that I was still running 5.0.4. When I asked it then to do the update again, it checked and then "noticed" (?) that the version was indeed 5.3.0. The "installation" date remained from 2016. Today, I used Softaculous (which was still showing the version as being 5.0.4) to update from 5.3.0 to 5.3.1. The update went through correctly, and Softaculous has updated the version to show 5.3.1. However, the install date from 2016 remains. Ideas? 2) When I log into Revive, I am immediately taken to the Admin's Configuration => Maintenance => Security page, where I find the following warning: Some directories in the Revive Adserver package are not supposed to be served by your webserver directly, for security reasons. Leaving such files and directories accessible might disclose unwanted information and pose a security threat. A quick security check has been run and you will find the results below. Your browser was able to fetch some files that should not be accessible. For example: var/INSTALLED var/cache/README.txt etc/database_action.xml plugins/etc/openXDeliveryLog.xml Click here to find more information on how to secure your installation. When I click on the "more information" link, I am taken to: * https://www.revive-adserver.com/how-to/secure-your-installation/ My Apache server *does* allow .htaccess files, so the above page kinda reads like I shouldn't need to do anything. But I tried adding the specified language anyway: <Directory /home/username/public_html/revive_directory> AllowOverride AuthConfig Limit </Directory> This immediately started generating loads of server errors. So I removed the language, and am now stuck with the Security "warnings". Another user has even tried deleting the README file, but still gets the error message about it. (See thread below.) In my case, the INSTALLED file is empty, so I fail to see what "risk" it could pose...? Are these files, and their possible accessibility, *really* an issue? If so, will somebody from Revive please provide a working fix, or at least reply with an explanation? Thank you! Eliz. Stapel Quote Link to comment Share on other sites More sharing options...
Fritex Posted January 2, 2022 Report Share Posted January 2, 2022 Same as me Quote Link to comment Share on other sites More sharing options...
flyzone Posted November 25, 2022 Report Share Posted November 25, 2022 Wondering if you did find a solution to this var/cache/README.txt issue Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.